开发者

Custom current_user devise + Mongoid

I have devise + a scaffold "house" created, and I want that a user only can edite your own house.

This is my houses_controller:

def authenticate_owner!
  @house = house.find(params[:id])
    if user_signed_in? && current_user.email == @house.user.email
      return true
    end
    redirect_to root_path, :notice => "You must have permission to access this category."
      return false
    end

I have too this code in the top houses_controller:

before_filter :authenticate_owne开发者_开发知识库r!
skip_before_filter :authenticate_owner! , :only => [:show, :index, :new]

but not working, always show the message:

"You must have permission to access this category."

how I can get the user who created the scaffold and compare it to the user who is registered?


You need to put an else there.. you probably meant to write:

def authenticate_owner!
  @house = house.find(params[:id])
    if user_signed_in? && current_user.email == @house.user.email
      return true
    else
      redirect_to root_path, :notice => "You must have permission to access this category."
      return false   # this will never be executed!!
    end
end


Fixed :D The problem is @house = house.find(params[:id]), is: @house = House.find(params[:id])

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜